Framework for privacy-aware content distribution in peer-to- peer networks with copyright protection

The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. This mass popularity is primarily driven by the efficient distribution of content, also giving rise to piracy and copyright infringement as well as privacy concerns. An end user (buyer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further redistribute the content illegally. Therefore, there is a strong need for content distribution mechanisms over P2P networks that do not pose security and privacy threats to copyright holders and end users, respectively. However, the current systems being developed to provide copyright and privacy protection to merchants and end users employ cryptographic mechanisms, which incur high computational and communication costs, making these systems impractical for the distribution of big files, such as music albums or movies.El uso de soluciones de igual a igual (peer-to-peer, P2P) para la distribución multimedia se ha extendido mundialmente en los últimos años. La amplia popularidad de este paradigma se debe, principalmente, a la distribución eficiente de los contenidos, pero también da lugar a la piratería, a la violación del copyright y a problemas de privacidad. Un usuario final (comprador) de un sistema de distribución de contenidos P2P no quiere revelar su identidad durante una transacción con un propietario de contenidos (comerciante), mientras que el comerciante no quiere que el comprador pueda redistribuir ilegalmente el contenido más adelante. Por lo tanto, existe una fuerte necesidad de mecanismos de distribución de contenidos por medio de redes P2P que no supongan un riesgo de seguridad y privacidad a los titulares de derechos y los usuarios finales, respectivamente. Sin embargo, los sistemas actuales que se desarrollan con el propósito de proteger el copyright y la privacidad de los comerciantes y los usuarios finales emplean mecanismos de cifrado que implican unas cargas computacionales y de comunicaciones muy elevadas que convierten a estos sistemas en poco prácticos para distribuir archivos de gran tamaño, tales como álbumes de música o películas.L'ús de solucions d'igual a igual (peer-to-peer, P2P) per a la distribució multimèdia s'ha estès mundialment els darrers anys. L'àmplia popularitat d'aquest paradigma es deu, principalment, a la distribució eficient dels continguts, però també dóna lloc a la pirateria, a la violació del copyright i a problemes de privadesa. Un usuari final (comprador) d'un sistema de distribució de continguts P2P no vol revelar la seva identitat durant una transacció amb un propietari de continguts (comerciant), mentre que el comerciant no vol que el comprador pugui redistribuir il·legalment el contingut més endavant. Per tant, hi ha una gran necessitat de mecanismes de distribució de continguts per mitjà de xarxes P2P que no comportin un risc de seguretat i privadesa als titulars de drets i els usuaris finals, respectivament. Tanmateix, els sistemes actuals que es desenvolupen amb el propòsit de protegir el copyright i la privadesa dels comerciants i els usuaris finals fan servir mecanismes d'encriptació que impliquen unes càrregues computacionals i de comunicacions molt elevades que fan aquests sistemes poc pràctics per a distribuir arxius de grans dimensions, com ara àlbums de música o pel·lícules

End-to-end security in active networks

Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect on end-to-end security of active flow manipulation. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problem introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking servicethat can efficiently deliver media flows marked with the identity of their recipients. In all three cases, similar functionality is provided to designs that do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea

Public Service Delivery: Role of Information and Communication Technology in Improving Governance and Development Impact

The focus of this paper is on improving governance through the use of information and communication technology (ICT) in the delivery of services to the poor, i.e., improving efficiency, accountability, and transparency, and reducing bribery. A number of papers recognize the potential benefits but they also point out that it has not been easy to harness this potential. This paper presents an analysis of effective case studies from developing countries where the benefits have reached a large number of poor citizens. It also identifies the critical success factors for wide-scale deployment. The paper includes cases on the use of ICTs in the management of delivery of public services in health, education, and provision of subsidized food. Cases on electronic delivery of government services, such as providing certificates and licenses to rural populations, which in turn provide entitlements to the poor for subsidized food, fertilizer, and health services are also included. ICT-enabled provision of information to enhance rural income is also covered

Digital Identity Scheme

학위논문(석사) -- 서울대학교대학원 : 행정대학원 글로벌행정전공, 2023. 2. Junki Kim.디지털 아이덴티티는 디지털 서비스와의 상호작용에서 개인을 고유하게 차별화하는 속성을 의미한다. 따라서 디지털 아이덴티티 전략은 디지털 아이덴티티 라이프사이클을 관리하는 정책, 기술, 조직 및 프로세스의 잘 설계된 집합체이다. 이는 디지털 변환의 필수 요소이며 디지털 신뢰를 강화하기 위한 핵심 요소이다. 그런 맥락에서, 이 논문은 국가 차원에서 디지털 아이덴티티 체계를 관리하는 데 있어 어려움을 이해하는 것을 목표로 한다. 정확성, 포괄성, 안전성, 사용 가능한 디지털 ID의 이점은 공공 및 민간 부문, 아카데미 및 국제 조직에 의해 널리 인식되고 있다. 이와 더불어 COVID-19의 세계적인 확산으로 인해 사회적 거리두기 조치와 비대면 거래가 증가하면서, 우리는 정부와 기업에 의해 개발되는 디지털 인증 플랫폼이 발전하는 것을 볼 수 있다. 그 결과, 대한민국(이하 한국)과 페루와 같은 나라들은 핸드폰, 인공지능, 빅데이터, 상호운용성, 데이터센터와 같은 부상한 기술을 활용하여 식별 및 인증 프로세스의 효율성을 높이기 위해 서로 다른 종류의 이니셔티브와 플랫폼을 개발, 시행하고 있다. 이에 따라 현재까지 정부24를 전자정부 공식포털로, 디지털원패스(Digital ONEPASS)를 디지털인증플랫폼으로 구현해 시민 비대면 인증이 가능하도록 하고 있으며, 주민등록제도(RRS)도 한국 디지털 아이덴티티 제도의 핵심요소로 자리매김하고 있다. 이와 비슷하게 페루의 경우 기존의 전자정부 접근 방식이 디지털 정부라는 새로운 패러다임으로 변모하였다는 것과, 디지털 기술은 더 이상 기술적 문제가 아니라 정치, 법률, 협력적 문제라는 이해를 바탕으로 2018년 디지털 정부가 제정되었다. 디지털 정체성을 강화하기 위해 두 개의 디지털 플랫폼이 시행되고 있는데, 하나는 시민 지향의 단일 디지털 플랫폼(GOB.PE)이며, 다른 하나는 디지털 신원 확인 및 인증을 위한 국가 플랫폼(ID)이다. 두 플랫폼은 정부에 의해 유지되고 개발된다. 이처럼 한국과 페루의 정책 사이에 유사점이 있지만 결과는 다르다. 전자정부개발지수(EDGI)에서 한국은 세계 2위, 페루는 71위, 한국은 디지털 인증 플랫폼이 구현되어 있고, 정부24는 다양한 인증을 사용하고 있다. ONE PASS, KAKAO, 삼성 PASS 등 시민을 위한 간편하고 편리한 인증 방법이 사용된다. 또한 2021년까지 정부24를 통해 온라인으로 접수된 청원은 13202만 5035건에 달하며, 증명서와 문서는 시민이 직접 프린터를 통해 출력했다. 페루의 경우 디지털 아이덴티티 전략은 디지털 정부법이 규제하는 공공부문의 디지털 아이덴티티 프레임워크를 기반으로 정부가 기본적으로 주도하는 진행형 프로세스다. 따라서, 본 연구에서는 한국의 디지털 아이덴티티 전략이 개인의 디지털 아이덴티티의 정확성, 포괄성, 보안성 및 사용성을 강화하기 위해 어떤 성과를 내고 있는지 중점적으로 살펴보려고 한다. 우리는 유엔과 경제협력개발기구(OECD)가 사용하는 프레임워크를 적용한 비교 프레임워크를 활용해 유사점과 차이점을 규명할 예정이다. 한국과 페루의 비교 연구를 수행하는 시의적절하다. 왜냐하면 페루는 한국의 디지털 아이덴티티 제도의 모범 사례와 좋은 교훈을 활용할 수 있고 더 나은 정책과 결정을 설계할 수 있기 때문이다. 본 연구에서는 한국과 페루의 ICT 전문가와 온라인 인터뷰를 통해 양국의 디지털 아이덴티티 체계에 대한 심층적인 이해를 창출하는 정성적 연구 방법을 활용하였다. 총 10명의 전문가를 인터뷰했는데, 전문가와의 인터뷰는 한국과 페루의 디지털 아이덴티티 진화에 대한 개요를 제공하고 페루의 디지털 아이덴티티 제도 구현 과정에서 발생하는 과제를 식별할 수 있다. 디지털 공공 서비스의 개발 및 제공을 지원하기 위한 강력하고 지속적인 디지털 리더십, 시의적절한 법적 프레임워크, 현대 ICT 기술이라는 세 가지 요소에서 큰 차이가 나타났음을 알 수 있었다. 하지만 이 연구결과는 또한 페루에서 디지털 아이덴티티 생태계를 조성하기 위한 목적으로 제도적 정비를 하고, 규제를 개선하며, 예산을 최적화한다면 큰 성과를 얻을 수 있음을 시사한다. 주요 키워드: 디지털 아이덴티티, 디지털 정부, 디지털 변환, 디지털 아이덴티티 전략Digital identity is the collection of attributes that uniquely differentiates a person in his interaction with digital services. The literature and previous research suggest that it is an essential component to the digital transformation and a vital element for strengthening the digital trust. Currently, due to worldwide spread of COVID-19, which has accelerated the digital transition in the public and private sector, the non-face-to-face transactions have been increased, coupled with cybercrimes such as identity theft, private data leakage, fraud, among other cybercrimes. In this sense, governments should become aware of the importance of digital identity management, because it is increasingly embedded in everything we do in our digital and offline life (WEF, Identity in the Digital World a new chapter in the social contract, 2018, p. 9). To deal with those issues and leverage all the potential of digital identity at national level, many countries implement a Digital Identity Scheme, which is a well-designed and articulated collection of policies, business rules, technologies, organizations, and processes in charge of governing the digital identity lifecycle to promote a digital society. Hence, countries such as The Republic of Korea (hereinafter, Korea) and The Republic of Peru (hereinafter, Peru) have been developed and implemented different kind of policies, legal instruments, initiatives, and digital technologies to enhance accessibility, efficiency and security of the identification and authentication process, for instance, Korea has issued the Electronic Government Law and implemented cross-platforms such as Government24 (정부24) as official electronic government portal, Digital ONEPASS (디지털원패스) as a digital authentication platform to enable a convenient no-face-to-face authentication of the citizens, Resident Registration System (RRS), as a fundamental national information system which manages and stores relevant personal information of Koreans, and Sharing Information System (행정정보공동이용시스템), as a interoperability platform to exchange information with governmental agencies. Moreover, Korea has a PKI Scheme which is divided into a National Public Key Infrastructure (NPKI), and a Government Public Key Infrastructure (GPKI). All these regulations, technologies and platforms are vital elements of the Korean Digital Identity Scheme. In the case of Peru, based on Law N° 26497 enacted in 1995, the government has been managing and maintaining the National Identification Registry of Peruvian. Moreover, since issuance of Digital Government Law in 2018, Peru has been implemented different kind of cross-platforms such as the Single Digital Platform for Citizen Orientation (GOB.PE), to offer one point of contact between government and citizens, National Interoperability Platform, to promote information exchange among public entities, the National Digital Government Platform, to provide cloud services to the public entities, and National Platform for Identification and Authentication of Digital Identity (ID.GOB.PE), to verify a persons identity. Although there are similarities, the outcomes are different, in the Electronic Government Development Index 2022, Korea is ranked 3rd in the world, while Peru is ranked 59th, from another side, in terms of digital identity, Korea has a digital identity ecosystem operating, for instance Government24 accepts several authentication methods which are easily and conveniently for the citizens such as ONEPASS, KAKAO, Samsung PASS, among others (MOIS, Status of Government 24, 2022). To 2021, almost 132,025,035 petitions were filed online through Government24 (MOIS, Status of Government 24, 2022). In the case of Peru, the digital identity scheme is an ongoing project, which is leading basically by the government, based on the Digital Government Law and its enforcement decree. In that vein, this research aims at understanding the components for governing and managing a Digital Identity Scheme in Korea and Peru and identifying the gap between them. Therefore, in this study we are going to focus on how the Digital Identity Scheme of Korea is performing to strengthen accuracy, inclusiveness, security, and usability of digital identity of persons. We are going to establish the similarities and differences by using a comparison framework which is an adaptation of the frameworks used by the United Nations (UN), International Telecommunication Union (UIT) and Organization for Economic Cooperation and Development (OECD). Additionally, in this moment, undertaking a comparison study between Korea and Peru is a relevant work, because Peru is implementing transversal digital government platforms based on the Digital Government Law, and based on that we are dealing with cybercrimes and digital threats, that is why we can learn of the best practices and good lessons of the Digital Identity Scheme in Korea and design better policies and decisions for Peruvian implementation. This research was carried out by using a qualitative research method which involved online interviews with ICT specialists from Korea and Peru to generate an in-depth understanding of the digital identity scheme of both countries. A total of ten specialists were interviewed. Interviews provide an overview of the digital identity evolution in Korea and allow me to identify challenges and policy recommendations in the implementation process of Digital Identity Scheme in Peru. Based on the results the big differences are integrated in three factors: strong and continuous digital leadership, timely legal framework, and modern ICT technology to support development and public services rendering. However, the results also suggest that it is possible to get big achievements on the Digital Identity Scheme in Peru, making institutional arrangements, enhancing digital regulation and optimizing the budget with the purpose to create a sustainable digital identity ecosystem.ABSTRACT 5 LIST OF ABBREVIATIONS 9 LIST OF TABLES 9 CHAPTER 1: INTRODUCTION 12 1.1 STUDY BACKGROUND 12 1.2 BACKGROUND OF THE COUNTRIES 20 1.3 THEORETICAL BACKGROUND 27 1.4 PURPOSE OF THE RESEARCH 39 CHAPTER 2. KEY CONCEPTS AND FRAMEWORK 43 CHAPTER 3: LITERATURE REVIEW 77 CHAPTER 4: DIGITAL IDENTITY IN KOREA AND PERU 86 4.1 LEGAL FRAMEWORK 86 4.2 TECHNOLOGY 100 4.3 GOVERNANCE AND LEADERSHIP 116 4.4 BUDGET 120 4.5 MARKET 122 4.6 FINDINGS 122 CHAPTER 5: CONCLUSIONS 132 5.1 SUMMARY OF THE THESIS 132 5.2 POLICY COMPARISON 143 5.3 POLICY RECOMMENDATIONS 145 5.4 LIMITATIONS OF THE RESEARCH 150 REFERENCES 152 APPENDICES 158 APPENDIX 1. QUESTIONNAIRE 158 APPENDIX 2. MATRIZ OF COMPARISON 167석

Designing and generating prototype for E-Governance based election strategy using biometric authentication and smart card device

Not availabl

A conceptual model for federated authentication in the cloud

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome

A conceptual model for federated authentication in the cloud

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome

Generative Fingerprint Augmentation against Membership Inference Attacks

openThis thesis aspires to provide a privacy protection mechanism for neural networks concerning fingerprints. Biometric identifiers, especially fingerprints, have become crucial in the last several years, from banking operations to daily smartphone usage. Using generative adversarial networks (GANs), we train models specialized in compressing and decompressing (Codecs) images in order to augment the data these models used during the learning process to provide additional privacy preservation over the identity of the fingerprints found in such datasets. We test and analyze our framework with custom membership inference attacks (MIA) to assess the quality of our defensive mechanism.This thesis aspires to provide a privacy protection mechanism for neural networks concerning fingerprints. Biometric identifiers, especially fingerprints, have become crucial in the last several years, from banking operations to daily smartphone usage. Using generative adversarial networks (GANs), we train models specialized in compressing and decompressing (Codecs) images in order to augment the data these models used during the learning process to provide additional privacy preservation over the identity of the fingerprints found in such datasets. We test and analyze our framework with custom membership inference attacks (MIA) to assess the quality of our defensive mechanism